beautypg.com

Physical disk security with self encrypting disk – Dell PowerVault MD3220 User Manual

Page 106

background image

106

Configuration: Disk Groups and Virtual Disks

Physical Disk Security with Self Encrypting Disk

Self encrypting disk (SED) technology prevents unauthorized access to the

data on a physical disk that is physically removed from the storage array. The

storage array has a security key. Self encrypting disks provide access to data

only through an array that has the correct security key.
The self encrypting disk or a security capable physical disk encrypts data

during writes and decrypts data during reads. For more information, see the

PowerVault Modular Disk Storage Manager online help topics.
You can create a secure disk group from security capable physical disks. When

you create a secure disk group from security capable physical disks, the

physical disks in that disk group become security enabled. When a security

capable physical disk is security enabled, the physical disk requires the correct

security key from a RAID controller module to read or write the data. All of

the physical disks and RAID controller modules in a storage array share the

same security key. The shared security key provides read and write access to

the physical disks, while the physical disk encryption key on each physical disk

is used to encrypt the data. A security capable physical disk works like any

other physical disk until it is security enabled.
Whenever the power is turned off and turned on again, all of the security-

enabled physical disks change to a security locked state. In this state, the data

is inaccessible until the correct security key is provided by a RAID controller

module.
You can view the self encrypting disk status of any physical disk in the storage

array from the Physical Disk Properties dialog. The status information

reports whether the physical disk is:

• Security Capable
• Secure—Security enabled or disabled
• Read/Write Accessible—Security locked or unlocked

You can view the self encrypting disk status of any disk group in the storage

array. The status information reports whether the storage array is:

• Security Capable
• Secure

book.book Page 106 Tuesday, June 18, 2013 2:53 PM

This manual is related to the following products: